General

  • Target

    9c4fafff8330cec9189fb12aae246cf5bdc3a63e44a9e8682c370968685c3c7c

  • Size

    287KB

  • MD5

    0dee8f2f3873885995332bce21f310c6

  • SHA1

    8b47f70f102a6256ac434ac7cfb58f4a98945439

  • SHA256

    9c4fafff8330cec9189fb12aae246cf5bdc3a63e44a9e8682c370968685c3c7c

  • SHA512

    a5572a76fbc51ad5a97cf7cbdb53dc98d8b7a142aa506bfdb01134b2bdb984860c758f159693c8f740e6987e683e8d4291613d272eaaaf6022b4962d26c2ec7b

  • SSDEEP

    6144:BmcD66RRjv5JGmrpQsK3FD2u270jupCJsCxC3:0cD663O92zkPaCxS

Score
10/10

Malware Config

Extracted

Family

cybergate

Version

2.6

Botnet

Adele_Album

C2

186.212.254.202:2000

Mutex

***MUTEX***

Attributes
  • enable_keylogger

    true

  • enable_message_box

    false

  • ftp_directory

    ./logs/

  • ftp_interval

    30

  • injected_process

    explorer.exe

  • install_dir

    install

  • install_file

    server.exe

  • install_flag

    true

  • keylogger_enable_ftp

    false

  • message_box_caption

    texto da mensagem

  • message_box_title

    título da mensagem

  • password

    1234

  • regkey_hkcu

    win32

  • regkey_hklm

    win32

Signatures

Files

  • 9c4fafff8330cec9189fb12aae246cf5bdc3a63e44a9e8682c370968685c3c7c
    .exe windows x86

